Bleepingcomputer
Exploitation of Triofox Vulnerability CVE-2025-12480 by UNC6485 Threat Group
First seen 2 Dec 2025, 18:33 UTC
•



•83% similarity
•21.4
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Hackers have exploited a critical unauthenticated access vulnerability (CVE-2025-12480) in Gladinet's Triofox file-sharing platform, allowing them to gain unauthorized administrative access and execute remote code. The vulnerability, affecting versions prior to 16.7.10368.56560, was actively exploited by the threat cluster UNC6485, which has been weaponizing this flaw since August 2025. Security researchers discovered the issue and reported it on November 10, 2025.
ThreatCluster AI